Basic Access Authentication, commonly called Basic Auth, is an authentication mechanism where the credentials are supplied, in base64 encoded form, in the request header, in this format:
Authorization: Basic [base64 encoded credentials]
Creating Your Basic Auth Header
Online tools exist which take your credentials as input, and output a basic auth header. Just search for basic auth header generator or something similar.
Alternatively, on Linux or Mac you can generate the header localy using the Command Line Interface (CLI):
echo "Authorization: Basic $(echo -n 'myusername:mypassword' | base64)"
where myusername is your username and mypassword is your password.
The output will be something like this:
Authorization: Basic bXl1c2VybmFtZTpteXBhc3N3b3Jk
Adding The Header To Your AppCheck Scan
Note: If your application uses both Basic Access Authentication and another authentication mechanism you can use the basic auth header in conjunction with a GoScript to authenticate with both systems.
The basic auth header should be added in:
Web Application Scanner Settings
-> HTTP Headers
-> Custom HTTP Headers
Article is closed for comments.